We use cookies to customise content for your subscription and for analytics.If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

KBR, Inc., has agreed to pay a civil money penalty of $130,000 to settle allegations by the Securities and Exchange Commission that KBR violated the Dodd-Frank Wall Street Reform and Consumer Protection Act. Specifically, the SEC alleged that confidentiality statements KBR required its employees to sign in the course of internal investigations might impede whistleblower reports to the government. As part of the settlement, KBR has also agreed to notify all employees since August 2011 that it the confidentiality provision does not preclude them from making reports to the Government about potential misconduct. Given that KBR has tens of thousands of employees, this is no small undertaking.

The outcome is noteworthy and should be unsettling for government contractors, particularly those that are publicly traded, for several reasons.

First, the SEC imposed a penalty despite acknowledging that there was no evidence that any KBR employee was in fact prevented from communicating with SEC staff, and despite the SEC's admission that it had no evidence that KBR ever enforced the confidentiality provision to impede reporting to the government.

Second, this action against KBR is just the latest in a series of high profile legal decisions regarding KBR and its internal investigations practices. Read client our March 27, 2014 and June 30, 2014 client alerts on other recent developments in this regard. While KBR has been a lightning rod for such attention, prudent contractors should take note of these issues and the evolving state of play on issues such as the application of attorney client privilege in internal investigations.

Third, more broadly, the SEC's position continues a trend of government enforcement actions in the name of whistleblower protection aimed at contractor compliance programs, internal investigation practices, and employment practices. This continuing trend presents a significant risk factor that contractors must be mindful of as they address other compelling and important considerations, such as the manner in which they investigate reports of potential misconduct and how they manage the flow of information in the hands of their employees.

This post addresses the first item. We will address the two broader items, and some other important recent developments in this area, in a separate alert.

A Penalty in the Absence of Misconduct

Like any government contractor, KBR conducts internal investigations involving allegations of misconduct and in the course of such investigations it often interviews employees. The SEC enforcement action was aimed at the form confidentiality statement KBR had interviewees sign at the start of an interview in such internal investigations, which read as follows:

I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department. I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.

The SEC asserted that this form language violated SEC Rule 21F-17, which was promulgated pursuant to Dodd-Frank and became effective August 12, 2011. The pertinent portion of this rule states:

(a) No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement ... with respect to such communications.

Notably, through the settlement agreement the SEC acknowledges that KBR never actually impeded any whistleblowers at all. The SEC also acknowledged that KBR did not enforce this confidentiality provision in such a way as to prevent a complaint from reaching SEC staff, and the SEC admits it was not aware of any employees being forced to obtain prior authorization from the Law Department before discussing the substance of the interview. Nevertheless, the SEC found KBR's policy "undermines the purpose of … Rule 21F-17(a), which is to 'encourage individuals to report to the Commission.'" Despite the absence of any evidence of wrongdoing, the SEC imposed a six-figure civil penalty.

The SEC also required KBR to make reasonable efforts to contact anyone employed by KBR since Rule 21F-17 went into effect to inform them that it does not require its employees to seek permission prior to making reports to any government agency or entity, including DOJ, Inspectors General or the Congress. In addition, KBR agreed to amend its confidentiality statement to include the following statement:

Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such reports or disclosures and I am not required to notify the company that I have made such reports or disclosures.

The bottom line is that KBR did not impede its employees from reporting information to the government. However, because the SEC believed the confidentiality provision could conceivably have chilled communications with government personnel, KBR was required not only to change its policy, but to pay a substantial civil penalty.

Related topic hubs

Compare jurisdictions: M&A

"The problem with the information age is that it leaves one drinking from a firehose. The service succeeds in reducing that torrent to manageable gulps of high value analyses addressing topics of immediacy. "